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DETAILED ACTION 
Claim Rejections - 35 USC §103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

2. Claims 1-18,22-40,42-45,47-49 are rejected under 35 U.S.C. 103(a) as being unpatentable 
by Stolfo et al (US 2004/0002903) and Wood et al (U.S. 6,609,198). 

As per claims 1,24,32,40 Stolfo disclosed a method for allowing proxies in an integrated Identity 
System and Access System, comprising the steps of receiving from a user of the Integrated 
System and Access System a request for the user to be a proxy for an administrator of the 
integrated Identity System and Access System (Page. 4, Paragraph. 0042-0043); associating said 
user with one or more credentials of said administrator without authenticating said user as said 
administrator; and allowing said user to use said Identity System as said administrator based on 
said one or more credentials of said administrator (Page. 4, Paragraph. 0047). 

However Stolfo did not disclose in detail; "And allowing said user to use said Access System to 
access resources based on one or more credentials of said user but not one or more credentials of 
said administrator". 
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However Wood et al disclosed, "In one configuration, a log-on service obtains credentials for an 
entity commensurate: with trust level requirements of an information resource (or information 
resources to be accessed with the environment parameters that affect the sufficiency of different 
credential type. Once the credentials have been obtained for entity and have been authenticated 
to a given trust level, access is granted, without the need for further credentials and 
authentication, to information resources for which the trust level is sufficient given a current 
session environment" (col. 2, lines 35-44). 

It would have been obvious to one having ordinary skill in the art at the time of the invention 
was made to have incorporated, "In one configuration, a log-on service obtains credentials for an 
entity commensurate: with trust level requirements of an information resource (or information 
resources to be accessed with the environment parameters that affect the sufficiency of different 
credential type. Once the credentials have been obtained for entity and have been authenticated 
to a given trust level, access is granted, without the need for further credentials and 
authentication, to information resources for which the trust level is sufficient given a current 
session environment as taught by Wood in the method and system of Stolfo to provide a more 
productive and maintenance free Identity system. 

3. As per claim 2 Stolfo- Wood disclosed wherein said step of receiving a request includes 
the steps of: providing a notification to said user of an ability to be said proxy for administrator; 
and receiving a request from said user to be said proxy for said administrator (Stolfo, Page. 5, 
Paragraph. 0051). 
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4. As per claim 3 Stolfo-Wood disclosed wherein: said notification includes an email 
(Stolfo, Page. 17, Paragraph. 0196). 

5. As per claim 4 Stolfo-Wood disclosed wherein: said notification includes a display page 
for said Identity System (Stolfo, Page. 1 8, Paragraph. 02 1 0). 

6. As per claim 5 Stolfo-Wood disclosed wherein said step of receiving a request includes 
the step of receiving an indication from said administrator that said user can be said proxy for 
said administrator (Stolfo, Page. 15, Paragraph. 0180). 

7. As per claim 6 Stolfo-Wood disclosed wherein said step of receiving a request includes 
the steps of providing a list of potential proxy candidates; providing a search mechanism to add 
more candidates to said list of potential proxy candidates (Page. 7, Paragraph. 0071); and 
receiving a selection of one or more of said potential proxy candidates, including a selection of 
said user (Stolfo, Page. 18, Paragraph. 0204). 

8. As per claim 7 Stolfo-Wood disclosed wherein: said credentials of said administrator 
include a distinguished name for said administrator (Stolfo, Page. 8, Paragraph. 0084). 

9. As per claims 8,25,33 Stolfo-Wood disclosed wherein: said credentials of said 
administrator include identity profile attributes for said administrator (Stolfo, Page. 1, Paragraph. 
0004). 
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10. As per claims 9,26,34 Stolfo-Wood disclosed wherein: said step of associating includes 
storing an identification of said administrator in a data element used to identify said user (Stolfo, 
Page. 4, paragraph 0042). 

11. As per claims 10 Stolfo-Wood disclosed wherein: said step of associating includes 
storing an identification of said administrator in a cookie for said user (Stolfo, Page. 18, 
Paragraph. 0207). 

12. As per claim 1 1 Stolfo-Wood disclosed wherein: said step of associating includes using 
an identification of said administrator to identify said user (Stolfo, Page. 10, paragraph. 0096). 

13. As per claims 12,27 Stolfo-Wood disclosed wherein said step of associating includes the 
steps of accessing an Identity System cookie for said user, said Identity System cookie stores an 
identification of said user (Stolfo, Page. 18, paragraph. 0207); storing said identification of said 
user from said step of accessing in a second cookie; and storing an identification of said 
administrator in said an Identity System cookie for said user (Stolfo, Page. 5, paragraph. 0051). 

14. As per claims 13,42,47 Stolfo-Wood disclosed further comprising the steps of receiving a 
request to terminate said user being a proxy for said administrator; accessing said identification 
of said user in said second cookie; and storing said identification of said user in said Identity 
System cookie for said user (Stolfo, Page. 18, Paragraph. 0207). 
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15. As per claim 14 Stolfo-Wood disclosed further comprising the steps of receiving a 
request from said user to access said Identity System; determining whether said Identity System 
cookie for said user exists; providing access to said Identity System for said (Stolfo, Page. 18, 
Paragraph. 0207). User if said Identity System cookie for said user exists; and authenticating said 
user and creating said Identity System cookie if said Identity System cookie for said user does 
not exist prior to said step of determining, said step of creating includes adding said 
identification of said user to said Identity System cookie (Stolfo, Page. 19, Paragraph. 213). 

16. As per claims 15,28,36,43,48 Stolfo-Wood disclosed wherein said step of allowing 
includes the steps of receiving a request from said user to access a service in said Identity 
System; accessing said identification of said administrator in said Identity System cookie (Stolfo, 
Page. 18, Paragraph. 0207); accessing attributes for said administrator based on said 
identification of said administrator in said Identity System cookie; and providing access to said 
service in said Identity System based on said attributes for said administrator (Stolfo, Page. 18, 
Paragraph. 0209). 

17. As per claims 16,29,37,44,49 Stolfo-Wood disclosed wherein: said steps of receiving, 
associating and allowing are performed without said user providing a password for said 
administrator (Stolfo, Page. 12, Paragraph. 0125). 
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18. As per claim 17 Stolfo-Wood disclosed wherein: said step of associating verifies that said 
administrator is a delegated administrator having a right to be proxied (Stolfo, Page. 10, 
Paragraph. 0101). 

19. As per claim 18 Stolfo-Wood disclosed further comprising the step of: delegating a right 
to be proxied to said administrator, said step of associating verifies that said administrator has. 
said right to be proxied (Stolfo, Page. 10, Paragraphed. 0101). 

23. As per claims 22,30,38 Stolfo-Wood disclosed wherein: said Identity System is part of an 
integrated Identity System and Access System; and said steps of associating and allowing 
provide for said user to be said proxy for said administrator in said Identity System but does not 
provide for said user to be said proxy for said administrator in said Access System (Stolfo, age. 
18, Paragraph. 0209). 

24. As per claims 23,3 1 ,39 Stolfo-Wood disclosed wherein: said Identity System is part of an 
integrated Identity System and Access System; said step of associating includes the steps of 
accessing an Identity System cookie for said user, said Identity System cookie stores an 
identification of said user, and storing an identification of said administrator in said an Identity 
System cookie for said user (Stolfo, Page. 18, Paragraph. 0209); said Access System uses an 
Access System cookie for said user, said Identity System cookie is separate from said Access 
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System cookie; and said Access System cookie for said user does not store an indication of said 
administrator (Stolfo, Page. 1 1, Paragraph. 0114). 

25. As per claim 35 Stolfo-Wood disclosed wherein: said step of associating include, the 
steps of: accessing an Identity System cookie for said user, said Identity System cookie stores an 
identification of said user, storing said identification of said user from said step of accessing in a 
second cookie (Stolfo, Page. 18, Paragraph. 0207), and storing an identification of said 
administrator in said an Identity System cookie for said user; and said method further comprises 
the steps of: receiving a request to terminate said user being a proxy for said administrator; 
accessing said identification of said user in said second cookie, and storing said identification of 
said user in said Identity System cookie for said user (Stolfo, Page. 18, Paragraph. 209). 

26. As per claim 45 Stolfo-Wood disclosed One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, said 
processor readable code for programming one: or more processors to perform a method 
comprising the steps of: receiving an indication that a user can be a proxy for a administrator, 
said indication is from said administrator; receiving an indication from said user to become said 
proxy for said administrator (Stolfo, Page. 5, Paragraph. 0056); associating said user with one or 
more credentials of said administrator without authenticating said user as said administrator; and 
allowing said user to use said system as said administrator based on said one or more credentials 
of said administrator (Stolfo, Page. 13, Paragraph. 0141). 
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Response to Arguments 

27. Applicant's arguments with respect to claims 1-18,22-40,42-45 and 47-49 have been 
considered but are moot in view of the new ground(s) of rejection. 



Conclusion 



28. Any inquiry concerning this communication or earlier communication from the examiner 
should be directed to Adnan Mirza whose telephone number is (571)-272-3885. 

29. The examiner can normally be reached on Monday to Friday during normal business 
hours. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jason Cardone can be reached on (571)-272-3933. The fax for this group is (703)- 
746-7239. The fax phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

30. Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for un published 
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applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov . Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at (866)-2 17-9 197 (toll-free). 

fill 
Adnan Mirza 
Examiner 
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